I found the document.
https://support.office.com/en-us/article/use-compliance-manager-in-the-service-trust-portal-preview-5756d342-5af9-4496-82e8-4dd50fa39942?omkt=en-US&ui=en-US&rs=en-US&ad=US
---
Assigning permissions to Compliance Manager
---
By default, everyone in your organization with an Office 365 or Azure AD account has access to Compliance Manager and can perform any action in Compliance Manager.
After a user is added to a role, the default permissions are removed and only users have been added to a role will be able to access Compliance Manager and perform the actions allowed by that role.
---
I would like to deny users access to Compliance Manager.
Despite setting "Portal Admin" role to some user, user can access to Compliance Manager dashboard.
Is this by design for now?